Microsoft's Recall feature will now be opt-in and double-encrypted after privacy protests

VB Transform 2024 returns in July! More than 400 business leaders will gather in San Francisco July 9-11 to delve into the advancement of GenAI strategies and engage in thought-provoking community discussions. Find out how you can attend here.


Microsoft has announced big changes to the recently unveiled AI-powered Recall feature, part of the new line of Copilot+ PCs, in response to blistering criticism from security researchers about potential privacy risks. The company said it would make the feature opt-in, require biometric authentication to access stored data and add additional layers of encryption.

Introduced last month, To remind was touted as a groundbreaking capability that would automatically take screenshots as users worked, allowing them to search their computer history using natural language searches. But security experts quickly raised red flags, warning that the feature's massive data collection and lack of robust protections created serious privacy and security vulnerabilities.

In a blog postPavan Davuluri, Microsoft's Corporate Vice President for Windows + Devices, acknowledged the “clear signal” from critics that the company needed to strengthen security and make it easier for users to choose whether or not to enable Recall. The changes, which will be implemented ahead of the feature's public release on June 18, include:

  • Set up recall opt-in during PC setup, with the feature disabled by default
  • Requires Windows Hello biometric registration and “proof of presence” to view the Recall timeline and search its contents
  • Adding “just in time” decryption of the Recall database, protected by Windows Hello Enhanced Sign-in Security (ESS)
  • Coding the search index database

The additional encryption is especially notable, as it should make it significantly more difficult for attackers or unauthorized users to access the potentially sensitive data captured by Recall, even if they gain access to the database. Saved screenshots are now double encrypted and can only be decrypted using the authenticated user's biometric data on the registered device.


VB Transform 2024 Registration is open

Join business leaders in San Francisco from July 9 to 11 for our flagship AI event. Connect with colleagues, explore the opportunities and challenges of generative AI, and learn how to integrate AI applications into your industry. register now


Critics, including leading cybersecurity companies and privacy advocates, argued that the continued storage and processing of screenshots could become a target for malicious actors. The outrage reached a peak when a investigative report by the BBC revealed vulnerabilities which could potentially be misused to access sensitive information without adequate user consent.

In response to the criticism, Microsoft published a blog post on their Windows Experience Blog detailing their decision to make Recall an opt-in feature during the preview phase. “Privacy and security come first,” the message said, highlighting that the company is taking steps to reassess the feature's impact on user privacy.

The future of Recall: balancing innovation with user trust

The decision to make the feature opt-in was met with mixed reactions. Some industry analysts are praising Microsoft for moving quickly in response to user feedback. “It turns out that speaking out works,” said Kevin Beaumont, a cybersecurity researcher in a post on X.com. “Microsoft is making significant changes to Recall, including making it sign in specifically, requiring Windows Hello facial scanning to activate and use it, and actually trying to encrypt the database, they say.”

On the other hand, some users express disappointment, as they had anticipated the convenience that Recall promised. “Honestly, I've seen zero positivity about Recall (the Windows feature that takes screenshots every five seconds), which leads me to believe no one thinks this is a good feature,” says Dr. Owain Kenway in a post on X.com. “But is there a secret undercurrent of pro-Recall users who are embarrassed and silent?”

Microsoft has committed to a thorough review and review of Recall's security measures. According to their press release, the company plans to conduct extensive testing with select users who sign up for the post-review preview to collect more data and refine the feature's security framework.

This incident underlines the delicate balance that technology companies must maintain between innovating with cutting-edge AI technologies and ensuring the privacy and security of their users. It also highlights the growing role of public and expert control in shaping the development and deployment of new technologies in the digital age. As Microsoft tackles these challenges, the technology community and its users will no doubt be keeping a close eye on how Recall evolves and how it can set precedents for future AI integrations in consumer technology.

Related Posts

General Catalyst makes India push with Venture Highway merger

General Catalyst, a Silicon Valley venture capital group, is expanding its presence in India by joining forces with a local venture capital firm and committing more than $500 million to…

France leads the way in GenAI funding in Europe, London has three times as many GenAI startups

Like it or hate itartificial intelligence – especially generative AI – does the technology story of 2024. OpenAI, with the rollout of viral services like ChatGPT and billions in funding,…

Leave a Reply

Your email address will not be published. Required fields are marked *

You Missed

Demand for mortgages is leveling off, even as interest rates reach their lowest level since March

  • June 20, 2024
Demand for mortgages is leveling off, even as interest rates reach their lowest level since March

At least one in four residential yards in the U.S. exceeds the new EPA guideline for lead levels in soil

  • June 20, 2024
At least one in four residential yards in the U.S. exceeds the new EPA guideline for lead levels in soil

General Catalyst makes India push with Venture Highway merger

  • June 20, 2024
General Catalyst makes India push with Venture Highway merger

Shares of Guzman y Gomez are surging more than 39% in their trading debut

  • June 20, 2024
Shares of Guzman y Gomez are surging more than 39% in their trading debut

Two climate activists arrested after spraying orange paint on Stonehenge: NPR

  • June 20, 2024
Two climate activists arrested after spraying orange paint on Stonehenge: NPR

Paradromics wants to make brain implants a reality before the end of this decade

  • June 20, 2024
Paradromics wants to make brain implants a reality before the end of this decade

Golden Goose postpones the Milan IPO due to the political unrest in Europe

  • June 20, 2024
Golden Goose postpones the Milan IPO due to the political unrest in Europe

Lydia Jacoby misses out on Tokyo Olympic gold in Paris after surprise: 'It hasn't fully sunk in yet'

  • June 20, 2024
Lydia Jacoby misses out on Tokyo Olympic gold in Paris after surprise: 'It hasn't fully sunk in yet'

Hours of power outages affect millions of people in Ecuador after transmission line failure

  • June 20, 2024
Hours of power outages affect millions of people in Ecuador after transmission line failure

Where to watch Euro 2024 online as Scotland faces Switzerland: Schedule, Live Stream, TV Channel, Online

  • June 20, 2024
Where to watch Euro 2024 online as Scotland faces Switzerland: Schedule, Live Stream, TV Channel, Online

France leads the way in GenAI funding in Europe, London has three times as many GenAI startups

  • June 20, 2024
France leads the way in GenAI funding in Europe, London has three times as many GenAI startups